From: Matteo 'egon' Baldi
Date: Tue, 11 Apr 2006 10:58:48 +0200
To: freebsd-stable@freebsd.org
Subject: bruteforce
Message-ID: <443B6FC8.8080503@egonflower.com>

Hi,

I'm trying to find a solution to brute-force attacks, mostly on port 22, without moving services to different ports.

I've tried something similar to this:

table persist
block in quick from
pass in on $ext_if proto tcp from any to ($ext_if) port ssh \
        flags S/SA keep state \
        (max-src-conn-rate 3/30, overload flush global
block drop in quick on $ext_if from

but I get:

gate# pfctl -f /etc/pf.conf
/etc/pf.conf:48: illegal timeout name max-src-conn-rate
pfctl: Syntax error in config file: pf rules not loaded

Where do I go wrong?

egon.
---------------------------
kernel options:

# PF Support
options IPSEC
device pf
device pflog
device pfsync
options QUOTA

#ALTQ Support
options ALTQ
options ALTQ_CBQ
options ALTQ_RED
options ALTQ_RIO
options ALTQ_HFSC
options ALTQ_CDNR
options ALTQ_PRIQ
------------------------------------

--
You are not your job. You're not how much money you have in the bank. You're not the car you drive. You're not the contents of your wallet. You're not your fucking khakis. You are the all-singing, all-dancing crap of the world...

http://www.015-bsd.org
info@015-bsd.org
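A simplified model of what the posted rule is meant to do once it loads, as an added example that is not part of the original message: a source that opens more than 3 SSH connections within 30 seconds is put in the overload table, its existing states are flushed, and later attempts hit the block rule. Assumptions: pf calculates the rate as an approximate moving average, so the exact sliding window used here is a simplification; the function name, the event list and the addresses are constructed for illustration.

```python
from collections import defaultdict, deque

LIMIT, WINDOW = 3, 30   # the "3/30" from max-src-conn-rate in the posted rule

# Constructed sample: (seconds, source address) of completed handshakes to port 22.
EVENTS = [
    (0, "198.51.100.7"), (2, "198.51.100.7"), (4, "198.51.100.7"),
    (6, "198.51.100.7"), (8, "198.51.100.7"),          # rapid guessing
    (0, "203.0.113.20"), (20, "203.0.113.20"),
    (40, "203.0.113.20"), (60, "203.0.113.20"),        # ordinary admin logins
]


def apply_rule(events, limit=LIMIT, window=WINDOW):
    """Return (verdicts, overload_table, states) for the given connection events.

    verdicts is a list of (seconds, src, "pass" | "overload" | "block").
    """
    recent = defaultdict(deque)   # src -> timestamps inside the rate window
    states = defaultdict(int)     # src -> live states created by the pass rule
    table = set()                 # stands in for the overload table
    verdicts = []
    for ts, src in sorted(events):
        if src in table:
            # Matches the "block ... quick from <table>" rule: no state is created.
            verdicts.append((ts, src, "block"))
            continue
        window_hits = recent[src]
        while window_hits and ts - window_hits[0] >= window:
            window_hits.popleft()             # forget connections older than the window
        window_hits.append(ts)
        if len(window_hits) > limit:
            table.add(src)                    # "overload <table>"
            states.pop(src, None)             # "flush global": drop all states from src
            verdicts.append((ts, src, "overload"))
        else:
            states[src] += 1
            verdicts.append((ts, src, "pass"))
    return verdicts, table, dict(states)


if __name__ == "__main__":
    for verdict in apply_rule(EVENTS)[0]:
        print(*verdict)
```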